Privacy notice

omou requests the following Google API scopes:

• Gmail (gmail.modify) — read, send, archive, trash, and label your emails.
• Contacts (contacts.readonly, contacts.other.readonly) — look up sender photos and provide recipient autocomplete.
• Profile (openid, email, profile) — identify your account for sign-in.

Email content is fetched directly from Google to your browser via the Gmail API. omou does not store your emails on any server. There is no database of user email data.

The only server-side operation in the standard flow is exchanging your OAuth authorization code for tokens using Google’s token endpoint. This uses your app’s client secret, which is stored securely on the server and never exposed to the browser.

omou offers optional AI-powered features including email summarization, chat, proofreading, action suggestions, and daily briefings. When you use these features:

• Relevant email content (subject, sender, recipients, body text) is sent to Google Gemini via Vercel’s AI Gateway for processing.
• This data is processed in real time and not stored by omou after the response is returned.
• AI features are optional and only activated by explicit user actions — no email data is sent to AI services in the background.
• Attachment contents are never sent to AI services.

OAuth tokens (access token and refresh token) are stored in your browser’s localStorage. They are never sent to omou servers or any third party. They are used exclusively to authenticate requests to Google’s APIs from your browser.

omou uses the following third-party services:

• Vercel — hosting and serverless functions for the app and API routes.
• Google Gemini (via Vercel AI Gateway) — processes email content for AI features on-demand.
• Google APIs (Gmail, People) — email and contact data access.

omou’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

omou does not use any analytics, tracking, or telemetry services. No user behavior data is collected or shared.

You can revoke omou’s access at any time from your Google Account permissions page. You can also sign out within the app, which clears all locally stored tokens.

Since omou does not store your email data on any server, there is nothing to delete on our end.

You can request deletion of your data at any time. Contact us by email to the address listed on this site or in our emails and we will remove any data from associated systems. If you are in the European Economic Area, you also have rights to access, rectify, and restrict processing of your data under applicable law.

We may update this notice from time to time. The current version is always available on this page.